2024-09-25 CyberExpo

The Overall Show

Myself and my son Ansel spent a day at Cyber Expo 2024 at Olympia this year.

It is part of a larger Security Event. The sense of heightened physical security was quite obvious as you approached Olympia. While there is some overlap between the physical and cyber security needs, we were there to see trends and themes at the Cyber Expo.

There were a few things of note.

Human resources aspects of running any company seemed to come to the fore: skills shortages, stress.

Engagement at the booths was enhanced by themed games: escape rooms, puzzles. It might be that this audience is more adept at cerebral gymnastics, but I thought it much more likely that I would remember the booth if I had played a game in it.

I did discover some new categories of software. External Attack Surface Management. We have used dynamic services like Whitehat to scan the website and look for vulnerabilities, but this seems to go further. It looks for changes in the website and asks if these have been from yourself. It checks for whether contact details might be leaking from the website making you vulnerable to phishing attacks.

We did see that there is some bleed between companies that offer Security Certifications into AI Certification, (although this might have been expected as there is somewhat of a standard flow to the ISO Certification thinking).

Overall, it was a very useful day with a lot of new information and some new contacts. This is a few of the presentations that we attended

Safeguarding the democratic process in the Year of Elections

We listened to a great presentation on the impact of technology on the electoral process. There were 2 very different perspectives being shared: one that the electoral result can be provable through technology and the other being that belief systems being nefariously changed negate any relevance of provability. The feeling that I was left with was that while the degree of automation may not be as important as it was presented, systems thinking, controls thinking, audit thinking is crucial to the electoral process.

Secure by Design ' what do we mean by Resilience?

We listened to some great information regarding resilience. The presenter also defined resiliance at the next level of detail.

-Rebound. The ability to recover.

-Robustness. The ability to absorb an adverse event.

-Graceful extensibility.

-Sustained adaptability

The speaker also made a point of connecting the domains of expertise that all have to embed resilience in their engineering thinking. Water Management, Biological Systems, Safety Management.

Taking LLMs to the Edge

The repositioning of everything to be Artificial Intelligence was not as widespread as other technology conferences that we attended this year. However, there was one presentation on Large Language Model computing and how that might be deployed in different network settings was very interesting for other projects that SSTC is currently pursuing.

The Hacking Games

We also listened to a great presentation on the next generation of hackers

A lot of hacking is being done by children. The hacking community has gone through three very different stages of evolution.

Profile 1. Outsider. Nerdy misfit.

Profile 2. Nation state, criminal gang.

Profile 3. Children in General population

Profile 3 is very scary because of the numbers involved. Children get into hacking through games in order to get cheat codes, but it escalates quickly. A different social contract exists on gaming platforms, encouraged by nefarious parties.

The Hacking Games is an organization that is building a community and career paths for young ethical hackers.

Google Sites

Report abuse